Exemplo n.º 1
        /// <summary>
        /// Generates a new content encryption key (CEK) and wraps it for the recipient
        /// with RSA-OAEP using SHA-256.
        /// </summary>
        /// <param name="cekSizeBits">Requested CEK size; passed unchanged to <c>Arrays.Random</c>.</param>
        /// <param name="key">
        /// Recipient public key. Accepted types depend on the build target:
        /// NET40 takes CngKey or RSACryptoServiceProvider; NET461 additionally takes any RSA;
        /// NETSTANDARD1_4 delegates the type check to <c>Ensure.Type&lt;RSA&gt;</c>.
        /// </param>
        /// <param name="header">Not read by this method.</param>
        /// <returns>
        /// A two-element array: index 0 is the plaintext CEK, index 1 is the RSA-OAEP encrypted CEK.
        /// Only index 1 is meant to leave the process; index 0 is secret key material.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// Thrown by the NET40 and NET461 branches when <paramref name="key"/> is none of the accepted types.
        /// </exception>
        public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, string> header)
        {
            // NOTE(review): Arrays.Random is defined elsewhere; the CEK is only as strong as that
            // generator, so confirm it is backed by a cryptographic RNG.
            var contentKey = Arrays.Random(cekSizeBits);

#if NET40
            if (key is CngKey)
            {
                var cngRecipient = Ensure.Type<CngKey>(key, "RsaOaep256KeyManagement alg expects key to be of CngKey type.");
                var wrappedForCng = RsaOaep.Encrypt(contentKey, cngRecipient, CngAlgorithm.Sha256);

                return new[] { contentKey, wrappedForCng };
            }

            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // ExportParameters(false) exports the public parameters only.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(false));
                var wrappedForLegacy = RsaOaep.Encrypt(contentKey, convertedKey, CngAlgorithm.Sha256);

                return new[] { contentKey, wrappedForLegacy };
            }

            throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey type.");
#elif NET461
            var cngRecipient = key as CngKey;

            if (cngRecipient != null)
            {
                var wrappedForCng = RsaOaep.Encrypt(contentKey, cngRecipient, CngAlgorithm.Sha256);

                return new[] { contentKey, wrappedForCng };
            }

            // RSACryptoServiceProvider derives from RSA, so it has to be tested before the generic RSA case.
            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // ExportParameters(false) exports the public parameters only.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(false));
                var wrappedForLegacy = RsaOaep.Encrypt(contentKey, convertedKey, CngAlgorithm.Sha256);

                return new[] { contentKey, wrappedForLegacy };
            }

            var rsaRecipient = key as RSA;

            if (rsaRecipient != null)
            {
                var wrappedForRsa = rsaRecipient.Encrypt(contentKey, RSAEncryptionPadding.OaepSHA256);

                return new[] { contentKey, wrappedForRsa };
            }

            throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types.");
#elif NETSTANDARD1_4
            var rsaRecipient = Ensure.Type<RSA>(key, "RsaKeyManagement algorithm expects key to be of RSA type.");
            var wrappedForRsa = rsaRecipient.Encrypt(contentKey, RSAEncryptionPadding.OaepSHA256);

            return new[] { contentKey, wrappedForRsa };
#endif
        }
Exemplo n.º 2
        /// <summary>
        /// Recovers the content encryption key (CEK) by decrypting <paramref name="encryptedCek"/>
        /// with RSA-OAEP using SHA-256.
        /// </summary>
        /// <param name="encryptedCek">The wrapped CEK as received.</param>
        /// <param name="key">
        /// Recipient private key. Accepted types depend on the build target:
        /// NET40 takes RSACryptoServiceProvider or CngKey; NET461 additionally takes any RSA;
        /// NETSTANDARD1_4 delegates the type check to <c>Ensure.Type&lt;RSA&gt;</c>.
        /// </param>
        /// <param name="cekSizeBits">Not read by this method.</param>
        /// <param name="header">Not read by this method.</param>
        /// <returns>The decrypted CEK bytes.</returns>
        /// <exception cref="ArgumentException">
        /// Thrown by the NET40 and NET461 branches when <paramref name="key"/> is none of the accepted types.
        /// </exception>
        public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, string> header)
        {
            // NOTE(review): the length of the decrypted CEK is not compared with cekSizeBits here;
            // confirm the caller rejects a key of unexpected size before using it.
            // Decryption failures are not caught in this method and propagate to the caller.
#if NET40
            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // ExportParameters(true) copies the private parameters out of the provider,
                // so this path needs an exportable private key.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(true));

                return RsaOaep.Decrypt(encryptedCek, convertedKey, CngAlgorithm.Sha256);
            }

            var cngRecipient = key as CngKey;

            if (cngRecipient != null)
            {
                return RsaOaep.Decrypt(encryptedCek, cngRecipient, CngAlgorithm.Sha256);
            }

            throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey type.");
#elif NET461
            var cngRecipient = key as CngKey;

            if (cngRecipient != null)
            {
                return RsaOaep.Decrypt(encryptedCek, cngRecipient, CngAlgorithm.Sha256);
            }

            // RSACryptoServiceProvider derives from RSA, so it has to be tested before the generic RSA case.
            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // ExportParameters(true) copies the private parameters out of the provider,
                // so this path needs an exportable private key.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(true));

                return RsaOaep.Decrypt(encryptedCek, convertedKey, CngAlgorithm.Sha256);
            }

            var rsaRecipient = key as RSA;

            if (rsaRecipient != null)
            {
                return rsaRecipient.Decrypt(encryptedCek, RSAEncryptionPadding.OaepSHA256);
            }

            throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types.");
#elif NETSTANDARD1_4
            var rsaRecipient = Ensure.Type<RSA>(key, "RsaKeyManagement algorithm expects key to be of RSA type.");

            return rsaRecipient.Decrypt(encryptedCek, RSAEncryptionPadding.OaepSHA256);
#endif
        }
Exemplo n.º 3
        /// <summary>
        /// Checks an RSA-PSS signature over <paramref name="securedInput"/>.
        /// </summary>
        /// <param name="signature">Signature bytes to check.</param>
        /// <param name="securedInput">The signed data.</param>
        /// <param name="key">
        /// Signer public key. Accepted types depend on the build target:
        /// NET40 takes CngKey or RSACryptoServiceProvider; NET461 additionally takes any RSA;
        /// NETSTANDARD1_4 delegates the type check to <c>Ensure.Type&lt;RSA&gt;</c>.
        /// </param>
        /// <returns>
        /// The result of the underlying verification call. On the CngKey and
        /// RSACryptoServiceProvider paths a CryptographicException raised by
        /// <c>RsaPss.Verify</c> is reported as <c>false</c>.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// Thrown by the NET40 and NET461 branches when <paramref name="key"/> is none of the accepted types.
        /// </exception>
        public bool Verify(byte[] signature, byte[] securedInput, object key)
        {
            // Failure handling differs by path: the RsaPss.Verify calls turn a CryptographicException
            // into false, while the RSA.VerifyData calls are not wrapped and let exceptions propagate.
            // Callers should treat both a false result and an exception as "signature not valid".
#if NET40
            var cngSigner = key as CngKey;

            if (cngSigner != null)
            {
                try
                {
                    return RsaPss.Verify(securedInput, signature, cngSigner, Hash, saltSize);
                }
                catch (CryptographicException)
                {
                    return false;
                }
            }

            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // The key conversion stays outside the try block, so its exceptions are not swallowed.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(false));

                try
                {
                    return RsaPss.Verify(securedInput, signature, convertedKey, Hash, saltSize);
                }
                catch (CryptographicException)
                {
                    return false;
                }
            }

            throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of CngKey type.");
#elif NET461
            var cngSigner = key as CngKey;

            if (cngSigner != null)
            {
                try
                {
                    return RsaPss.Verify(securedInput, signature, cngSigner, Hash, saltSize);
                }
                catch (CryptographicException)
                {
                    return false;
                }
            }

            // RSACryptoServiceProvider derives from RSA, so it has to be tested before the generic RSA case.
            var legacyProvider = key as RSACryptoServiceProvider;

            if (legacyProvider != null)
            {
                // Backward compatibility with 2.x only; scheduled for removal in 3.x.
                // The key conversion stays outside the try block, so its exceptions are not swallowed.
                var convertedKey = RsaKey.New(legacyProvider.ExportParameters(false));

                try
                {
                    return RsaPss.Verify(securedInput, signature, convertedKey, Hash, saltSize);
                }
                catch (CryptographicException)
                {
                    return false;
                }
            }

            var rsaSigner = key as RSA;

            if (rsaSigner != null)
            {
                return rsaSigner.VerifyData(securedInput, signature, HashAlgorithm, RSASignaturePadding.Pss);
            }

            throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of either CngKey or RSA types.");
#elif NETSTANDARD1_4
            var rsaSigner = Ensure.Type<RSA>(key, "RsaUsingSha with PSS padding alg expects key to be of RSA type.");

            return rsaSigner.VerifyData(securedInput, signature, HashAlgorithm, RSASignaturePadding.Pss);
#endif
        }